is episode 3 of a 3-episode series; episodes 1 and 2 are linked at theend of this posting of episode 3's extract for the curious.

Following is an extract from the beginning of the above article:

The headline was published on a trusted news site that I read off of myiPhone. It stunned me into disbelief: "A 9.5 Magnitude EarthquakeDestroys Central California, Splits State Into Northern and SouthernHalves," it read. Fortunately for the inhabitants of the Golden State,this was not real news. Rather, it was some crafty misinformation thatwas wirelessly injected into my phone by a hacker named Samy Kamkar.

In our third and final episode of "Phreaked Out" we tackle the questionof mobile phone security. With global smartphone ownership expected tohit nearly 1.75 billion by the end of 2014, the threat of phone attacksis becoming as democratized as ever. Anyone with a smartphone isexploitable; any smartphone can be compromised. The control we thoughtwe had over our devices has increasingly eroded away. Thesophistication levels of our mobile devices allow them to moonlight asspy tools capable of the absolute worst case scenario: turning on theirowners.

It's a sobering reality that fascinates Kamkar. I met up with thesecurity polymath -- the same Samy Kamkar responsible for the virus thatknocked out MySpace in 2005 -- at his Tony Spark-esque enclave in WestHollywood for a series of phone hack demos.

To begin, Kamkar recreated a man-in-the-middle mobile attack, whereby hecreated an unencrypted, wireless network that combines ARP and DNSspoofing intended to modify content on any phone that joins it.

The demonstration illustrated how eager our smartphones can be toautomatically hop onto any previously accessed network. For example, byforging a commonly dubbed wifi name, such as "attwifi" or "Starbucks,"Kamkar can dupe phones into thinking it's joining a secure network. Headmits that this man-in-the-middle style attack is by no means cuttingedge, but it still works because many phones are still susceptible.

Ever stop to think that phones can graduate from hacking target tohacking assailant? On the heels of Kamkar's headline-swapping trick, heshowed us how phones and tablets can be instrumental in controllingdrones that then hack each other in the sky. Our cameras were rollingfor Kamkar's first ever, live demonstration of his zombie drone hack.He calls it Skyjack.

Here's how it worked: Kamkar spun up a "master" drone to detect anywireless signals from other exploitable drones (currently limited to theParrot AR.Drone for now). Once a signal is identified, the master droneinjects packets to the Parrot's unprotected network, enabling it tode-authenticate the target drone from its owner. In this case, Kamkarprogrammed the zombified drone to perform a flip once its controls werehijacked by the master drone.

Kamkar was inspired by Amazon's far-fetched but not implausible dronedelivery service. Here, the phone or tablet-controlled Skyjack canexploit weaknesses in the open networks of some of today's drones. Sothink twice before ordering a pricey Leica M9 digital camera usingAmazon's Prime Air drone service because a more spiteful hacker thanKamkar might just be able to reroute it to their doorstep. (To be fair,Amazon will likely have thought of this scenario by the time it bringsdrone delivery to market.)

{ article continues at the URL cited at the beginning of this posting }

The video supporting this phone hacks article is here:

runtime 19:06

For the curious who would like to see the first two episodes of the3-part "Phreaked Out" series: